package com.ruige.account.config;


import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;
import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter;
import org.springframework.security.oauth2.provider.token.TokenStore;
import org.springframework.security.oauth2.provider.token.store.JwtAccessTokenConverter;
import org.springframework.security.oauth2.provider.token.store.JwtTokenStore;

@Configuration
@EnableResourceServer
//开启方法上的PreAuthorize注解
@EnableGlobalMethodSecurity(prePostEnabled = true, securedEnabled = true)
public class ResourceServerConfig extends ResourceServerConfigurerAdapter {
    //公钥
    private static final String PUBLIC_KEY = "public.key";

    public static final Logger log = LoggerFactory.getLogger(ResourceServerConfig.class);

    /**
     * 定义JwtTokenStore
     *
     * @param jwtAccessTokenConverter
     * @return
     */

    @Bean
    public TokenStore tokenStore(JwtAccessTokenConverter
                                         jwtAccessTokenConverter) {
        return new JwtTokenStore(jwtAccessTokenConverter);
    }



    /**
     * Http安全配置,对每个到达系统的http请求链接进行校验
     *
     * @param http
     * @throws Exception
     */
    @Override
    public void configure(HttpSecurity http) throws Exception {
//        http.addFilterAfter(new HttpServletRequestCrossFilter(), HeaderWriterFilter.class);
//所有请求必须认证通过

        //不需要权限
        http.authorizeRequests()
                .antMatchers("/**").permitAll();
        log.info("进入配置过滤器");
        http.authorizeRequests()
                .anyRequest().
                authenticated();
//其他地址需要认证授权
    }

//
//    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
//        HttpServletRequest request = (HttpServletRequest) servletRequest;
//        HttpServletResponse response = (HttpServletResponse) servletResponse;
//        String requestURI = request.getRequestURI();
//        log.info(requestURI + "进入过滤器!");
//        System.out.println("requestURI = " + requestURI);
//        HttpServletRequestWrapper requestWrapper = new HttpServletRequestWrapper(request) {
//            @Override
//            public String getHeader(String name) {
//                // 先从原本的Request中获取头，如果为空且名字为token，则从参数中查找并返回
//                String superHeader = super.getHeader(name);
//                if ("Authorization".equals(name) && StringUtils.isEmpty(superHeader)) {
//                    String token = "Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJzY29wZSI6WyJhcHAiXSwibmFtZSI6Iuedv-aIiCIsImlkIjoiMSIsImV4cCI6MTU5MzE3OTAzMiwiYXV0aG9yaXRpZXMiOlsic2Vja2lsbF9saXN0Iiwic2FsZXNtYW4iLCJnb29kc19saXN0IiwiYWNjb3VudGFudCIsInVzZXIiXSwianRpIjoiMzVjOTVkYWQtZjNlMy00MDNjLThmOTAtYzQyZWY4MTYwZjE2IiwiY2xpZW50X2lkIjoicnVpZ2VibG9nIiwidXNlcm5hbWUiOiJydWlnZSJ9.XN_hjN_Ii005lxewmvRLKkVYZHPG5LBnYcPhUO_kyIm91HvPjRVF6nsbelGK65nQb2JvJPiB051vQ8uiIvk0FIlWct3GnEJlVW8ZAZlO8tYMzf0SGpB9BRQM-ZjS5c3wmHtLrHohbbOWoVHwsqDSJ-okAJauGgonKermafcuAb4mwvqBJDv6GiZc3Pdjf1tP6NwCLRWW5TF8YOe_mJ5BUgT02tpRvYbrSKesIz3xO-TcUMkf7h_BSbQWj0o60DHB7ixhLN3zIR_CCaJ8Q1ezT8G9tSdckP_pw75n2l1lQAhG_Yt6njzkidJmnvYE3LQ_VmXiJUujX0rqJ-bbPrExNA";
////                    SecurityContextHolder.getContext().setAuthentication(new UsernamePasswordAuthenticationToken());
//                    return token;
//                }
//                return superHeader;
//            }
//        };
//
//        String auth = requestWrapper.getHeader("Authorization");
//        System.out.println("Authorization = " + auth);
//        log.info("请求增强并放行");
//        filterChain.doFilter(requestWrapper, response);
//
//
//    }



}
